The invention relates to a method and an authentication server for providing a uniquely assignable mobility key for cryptographic protection of mobility signaling messages for a home agent of a mobile radio network, especially for anonymous subscribers.
The Internet with TCP/IP provides a platform for the development of higher-level protocols for the mobile area. Since the Internet protocols are widely used, a larger group of subscribers can be included with corresponding protocol extensions for the mobile environment. The conventional Internet protocols were however not originally designed for mobile use. In the packet switching of the conventional Internet, packets are exchanged between stationary computers, which neither change their network address nor roam between different subnets. In radio networks with mobile stations, the mobile stations MS are frequently linked into different networks. DHCP (Dynamic Host Configuration Protocol) makes it possible, with the aid of a corresponding server, to dynamically allocate an IP address and further configuration parameters to a station in a network. A computer which is linked into a network is automatically allocated a free IP address by the DHCP protocol. If a mobile station has DHCP installed, it merely has to come within range of a local network which supports configuration using the DHCP protocol. The DHCP protocol makes dynamic address allocation possible, i.e. a free IP address is automatically allocated for a specific time. After this time elapses, the mobile station must either renew the request or the IP address can be issued in some other way.
With DHCP a mobile station can be linked into a network without manual configuration. The only requirement is the availability of a DHCP server. A mobile station can thus make use of services of the local network and of centrally stored files, for example. If a mobile station itself offers services, however, a potential service user cannot find the mobile station, since its IP address changes in each network into which the mobile station is linked. The same occurs if an IP address changes during an existing TCP connection: the connection is aborted. With Mobile IP a mobile station is therefore allocated an IP address which it also retains in another network. With a conventional IP network change it is necessary to adapt the IP address settings accordingly. An ongoing manual adaptation of IP and routing configurations at the station is however practically impossible. In conventional automatic configuration mechanisms the existing connection is interrupted when the IP address is changed. The MIP protocol (RFC 2002, RFC 2977, RFC 3344, RFC 3846, RFC 3957, RFC 3775, RFC 3776, RFC 4285) supports the mobility of mobile stations. With the conventional IP protocols the mobile station must adapt its IP address each time it changes IP subnet, so that the data packets addressed to the mobile station can be correctly routed. To maintain an existing TCP connection the mobile station must retain its IP address, since a change of address leads to an interruption of the connection. The MIP protocol remedies this conflict by allowing a mobile station or Mobile Node (MN) to possess two IP addresses. The MIP protocol makes a transparent connection between the two addresses possible, namely a permanent home address and a second, temporary care-of address. The care-of address is the IP address under which the mobile station is currently able to be reached.
A home agent is a representative of the mobile station when the mobile station is not located in its original home network. The home agent is constantly informed about the current location of the mobile station. The home agent usually represents a component of a router in the home network of the mobile station. If the mobile station is located outside the home network, the home agent provides a function whereby the mobile station can register. The home agent then forwards data packets addressed to the mobile station into the current subnet of the mobile station.
A foreign agent is located in the subnet in which the mobile station is moving. The foreign agent forwards incoming data packets to the mobile node or mobile station. The foreign agent is located in what is referred to as the visited network. The foreign agent likewise usually represents a component of a router. The foreign agent routes all administrative mobility data packets between the mobile station and its home agent. The foreign agent unpacks the tunneled data packets sent by the home agent and forwards their data to the mobile node.
The home address of the mobile station is the address under which the mobile station is permanently accessible. The home address has the same address prefix as the home agent. The care-of address is that IP address which the mobile station uses in the foreign network.
The home agent maintains a so-called Mobility Binding Table (MBT). The entries in this table serve to assign the two addresses, i.e. the home address and the care-of address of a mobile station to each other and to reroute the data packets accordingly. The MBT table contains entries about the home address, the care-of address and a specification about the period of time during which this assignment is valid (Life Time). FIG. 1 shows an example of a mobility binding table according to the related art.
The foreign agent (FA) contains a Visitor List (VL) which contains information about the mobile nodes located in the IP network of the foreign agent at the time. FIG. 2 shows an example of a visitor list of this type according to the related art.
So that a mobile node can be linked into a network, it must first ascertain whether it is in its home network or in a foreign network. In addition the mobile station must ascertain which station in the subnet is the home agent or the foreign agent. This information is determined by what is known as agent discovery.
Through the subsequent registration the mobile node can notify its home agent of its current location. To do this the mobile station or mobile node sends the home agent the current care-of address. For registration the mobile station sends a registration request to the home agent. The home agent (HA) enters the care-of address into its list and replies with a registration reply. However, there is a security problem with this process. Since in principle any node can send a registration request to a home agent, it would be a simple matter to fool a home agent into believing that a computer had moved to another network. A foreign node could thus accept all data packets of a mobile station or mobile node without a sender knowing that this has occurred. To prevent this, the mobile station and the home agent have a common secret key available to them. If a mobile station returns to its mobile network, it deregisters with its home agent, since the mobile station can now again accept all data packets itself.

A mobile radio network must include security features such as those listed below. Information may only be made accessible to desired communication partners, i.e. undesired eavesdroppers may not be given any access to transmitted data. The mobile radio network must thus have the attribute of confidentiality. In addition, authenticity must be provided. Authenticity allows a communication partner to establish without doubt whether a communication has actually been set up to the desired communication partner or whether a foreign party is presenting itself as that communication partner. Authentication can be undertaken for each message or for each connection. With connection-based authentication the communication partner is only identified once, at the start of a session. It is assumed for the further progress of the session that the following messages also originate from the corresponding sender. Even if the identity of a communication partner is established, i.e. the communication partner is authenticated, the case can arise in which this communication partner may not access all resources or may not make use of all services over the network. In this case a corresponding authorization requires a prior authentication of the communication partner.
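The following is an added example, not code from the patent or from any MIP implementation, which puts the two mechanisms described above side by side: the home agent's Mobility Binding Table with its lifetime, and the shared-key authentication that stops an arbitrary node from registering a bogus care-of address. It assumes a simplified field layout and HMAC-SHA256 in place of the exact RFC 3344 wire format and its default HMAC-MD5; the addresses, keys and identification values are constructed.

```python
import hashlib
import hmac
import struct


class MobilityBindingTable:
    """Home agent's Mobility Binding Table: home address -> (care-of address, expiry)."""

    def __init__(self):
        self._bindings = {}

    def register(self, home_addr, care_of_addr, lifetime, now):
        # Lifetime is the number of seconds the binding stays valid.
        self._bindings[home_addr] = (care_of_addr, now + lifetime)

    def deregister(self, home_addr):
        self._bindings.pop(home_addr, None)

    def lookup(self, home_addr, now):
        """Return the care-of address, or None if no valid (unexpired) binding exists."""
        entry = self._bindings.get(home_addr)
        if entry is None:
            return None
        care_of_addr, expiry = entry
        if now >= expiry:
            self._bindings.pop(home_addr, None)  # binding lapsed; drop it
            return None
        return care_of_addr


def serialize_request(home_addr, home_agent_addr, care_of_addr, lifetime, identification):
    """Fields the authenticator covers. Assumption: a simple fixed layout stands in for the
    exact RFC 3344 wire format; lifetime is 16-bit and identification 64-bit as in RFC 3344."""
    return (home_addr.encode() + b"|" + home_agent_addr.encode() + b"|" + care_of_addr.encode()
            + struct.pack("!HQ", lifetime, identification))


def compute_authenticator(key, request_bytes):
    # RFC 3344 specifies HMAC-MD5 as the default; HMAC-SHA256 is used here (assumption).
    return hmac.new(key, request_bytes, hashlib.sha256).digest()


def build_registration_request(key, home_addr, home_agent_addr, care_of_addr, lifetime, identification):
    """Mobile node side: registration request plus the Mobile-Home authentication extension."""
    request = {
        "home_addr": home_addr,
        "home_agent_addr": home_agent_addr,
        "care_of_addr": care_of_addr,
        "lifetime": lifetime,
        "identification": identification,
    }
    request["authenticator"] = compute_authenticator(key, serialize_request(
        home_addr, home_agent_addr, care_of_addr, lifetime, identification))
    return request


class HomeAgent:
    """Home agent: verifies the shared-key authenticator before touching the binding table."""

    def __init__(self, shared_key):
        self.shared_key = shared_key
        self.mbt = MobilityBindingTable()
        self._last_identification = {}  # per home address, for replay detection

    def process_registration(self, request, now):
        covered = serialize_request(request["home_addr"], request["home_agent_addr"],
                                    request["care_of_addr"], request["lifetime"],
                                    request["identification"])
        expected = compute_authenticator(self.shared_key, covered)
        if not hmac.compare_digest(expected, request["authenticator"]):
            return "rejected: authentication failed"
        # Identification must increase; a repeated value is a replayed request.
        if request["identification"] <= self._last_identification.get(request["home_addr"], -1):
            return "rejected: replayed identification"
        self._last_identification[request["home_addr"]] = request["identification"]
        if request["lifetime"] == 0:
            self.mbt.deregister(request["home_addr"])  # mobile node is home again
            return "deregistered"
        self.mbt.register(request["home_addr"], request["care_of_addr"], request["lifetime"], now)
        return "registered"


# Constructed sample values.
SHARED_KEY = bytes.fromhex("0f1e2d3c4b5a69788796a5b4c3d2e1f0")
ROGUE_KEY = bytes.fromhex("00000000000000000000000000000000")
HOME_ADDR, HA_ADDR, CARE_OF = "10.0.0.5", "10.0.0.1", "192.0.2.77"


def demo():
    ha = HomeAgent(SHARED_KEY)
    genuine = build_registration_request(SHARED_KEY, HOME_ADDR, HA_ADDR, CARE_OF, 600, 1000)
    forged = build_registration_request(ROGUE_KEY, HOME_ADDR, HA_ADDR, "198.51.100.9", 600, 1001)
    return [
        ha.process_registration(genuine, now=0),
        ha.process_registration(forged, now=1),   # wrong key: no binding change
        ha.process_registration(genuine, now=2),  # same identification again
        ha.mbt.lookup(HOME_ADDR, now=100),
        ha.mbt.lookup(HOME_ADDR, now=700),        # past the 600 s lifetime
    ]


if __name__ == "__main__":
    print(demo())
```

The forged request carries a different care-of address but is computed with the wrong key, so the home agent never alters the binding; a genuine request resent with an old identification value is likewise refused, and the binding disappears on its own once the lifetime has elapsed.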
With mobile data networks messages must cover long distances over air interfaces and are thus easily accessible for potential attackers. With mobile and wireless data networks security aspects thus have a particular role to play. Encryption techniques represent a significant way to enhance security in data networks. Encryption makes it possible to transmit data over insecure communication paths, for example over air interfaces, without unauthorized parties gaining access to the data. For encryption the data, i.e. the so-called plain text, is transformed with the aid of an encryption algorithm into encrypted text. The encrypted text can be transported over the insecure data transmission channel and subsequently decrypted or decoded.
WiMax (Worldwide Interoperability for Microwave Access) has been proposed as a new standard which represents a promising wireless access technology and uses the IEEE 802.16 standard for radio transmission. WiMax is intended to allow transmit stations to supply an area of up to 50 km with data rates of over 100 Mbit per second.
FIG. 3 shows a reference model for a WiMax radio network. A mobile station MS is located in the area of an Access Serving Network (ASN). The access serving network ASN is connected via at least one Visited Connectivity Service Network (VCSN) or intermediate network to a Home Connectivity Service Network (HCSN). The different networks are connected via interfaces or reference points R to each other. The home agent HA of the mobile station MS is located in the home connectivity service network HCSN or in one of the visited connectivity service networks VCSN.
WiMax supports two implementation variants of Mobile IP: so-called Client MIP (CMIP), in which the mobile station itself implements the MIP client function, and Proxy MIP (PMIP), in which the MIP client function is implemented by the WiMax access network. The functionality provided for this in the ASN is referred to as Proxy Mobile Node (PMN) or as PMIP client. This enables MIP to also be used with mobile stations which do not themselves support MIP.
FIG. 4 shows the connection setup for Proxy MIP when the home agent is located in the visited network according to the related art.
After a radio connection has been established between the mobile station and a base station an access authentication is first undertaken. The function of authentication, authorization and accounting is performed by what are known as AAA servers (AAA: Authentication Authorization and Accounting). Authentication messages are exchanged between the mobile station MS and the AAA server of the home network (H-AAA) by means of which the address of the home agent and an authentication key are obtained. The authentication server in the home network contains the profile data of the subscriber. The AAA server receives an authentication request message which contains a subscriber identity of the mobile station. After successful authentication the AAA server generates an MSK (MSK: Master Session Key) to protect the data link between the mobile station MS and the base station of the access network ASN. This MSK is transmitted from the AAA server of the home network via the connectivity service network CSN to the access network ASN.
After access authentication, as can be seen in FIG. 4, the DHCP proxy server is configured in the access network ASN. If the IP address and host configuration are already contained in the AAA reply message, all of this information is downloaded into the DHCP proxy server.
After successful authentication and authorization the mobile station MS sends a DHCP Discovery message and an IP address is allocated.
If the access network ASN supports both PMIP and also CMIP mobility, the foreign agent then informs the ASN handover function by sending an R3 mobility context message. This can be omitted for networks which can only support PMIP.
After the home address has been read out, it is forwarded to the PMIP client.
An MIP registration is then undertaken. In the registration the home agent is informed about the current location of the mobile station. For registration the mobile station sends the registration request to the home agent which contains the current care-of address. The home agent enters the care-of address into a list that it administers and replies with a registration reply. Since in principle each station can send registration requests to a home agent, a home agent could be fooled in a simple manner into believing that a station had moved into another network. To prevent this, both the mobile station and also the home agent have a common secret key, namely an MIP key; if the home agent (HA) does not know the MIP key, it creates it, for which purpose it communicates with a home AAA server.
After completion of the connection setup depicted in FIG. 4, the mobile station has received a home address and is registered with the home agent.
The conventional connection setup is essentially undertaken in three steps, namely the access authentication of the subscriber, a subsequent IP address allocation and finally an MIP registration. In the access authentication the user logs on directly to the mobile network. To this end, in a conventional network registration, a radio connection is first established between the mobile station MS and the Access Network ASN, with an authentication server H-AAA for authentication of the subscriber receiving at least one authentication message from the subscriber station via an authentication client of the access network. This authentication message (Access Authentication) contains data such as an external subscriber identity or Network Access Identifier (NAI). This external NAI enables the authentication server H-AAA of the subscriber to be determined. On successful authentication the authentication server H-AAA informs the authentication client of the access network about this, so that this client creates a secure radio connection to the subscriber station.
After successful IP address allocation the mobile IP registration is finally performed. To this end the home agent HA receives a registration request message which contains a user identity, and directs a key request to the authentication server. After receipt of a key request for a mobility key, the authentication server makes a mobility key available to the home agent of the subscriber if an appropriate mobility key is stored in the authentication server for the subscriber identity contained in the key request message.
With a conventional mobile network (standard mobile IP) the mobility key which is used for cryptographic protection of the mobility signaling messages is pre-configured in the authentication server H-AAA of the home network, i.e. a corresponding mobility key is stored in the authentication server H-AAA of the home network for each subscriber for their subscriber identity.
With innovative mobile radio networks, such as WiMax for example, the mobility key is however created and stored in the authentication server H-AAA during network registration, i.e. the mobility key is not pre-configured. If in a mobile radio network of this type the home agent of a subscriber directs a key request message, with a subscriber identity contained within it, to the authentication server of the home network, the authentication server cannot match the subscriber identity contained in the key request message to a stored key and thus cannot provide any corresponding mobility key.
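The following is an added example, not code from the patent or from any WiMax or AAA implementation, that models the connection setup described above (access authentication by NAI, MSK generation, the home agent's key request at MIP registration) and reproduces the failure mode of the last paragraph: the mobility key is only created at network registration and stored under the authenticated identity, so a key request carrying an identity the server has never authenticated cannot be served. The key derivation, its labels, the class and method names and all credentials are assumptions constructed for the example.

```python
import hashlib
import hmac
import secrets


def derive_key(root_key, label, context):
    """HMAC-SHA256 key derivation. Assumption: illustrative only, not the WiMax-specified
    derivation of the MSK or of the MN-HA mobility key."""
    return hmac.new(root_key, label + b"\x00" + context, hashlib.sha256).digest()


class HomeAAAServer:
    """H-AAA: authenticates subscribers by NAI and answers key requests from home agents."""

    def __init__(self, subscriber_credentials, preconfigured_mobility_keys=None):
        self.credentials = subscriber_credentials  # NAI -> long-term secret (constructed)
        # Standard Mobile IP: mobility keys pre-configured per subscriber identity.
        # WiMax-style: keys are created during network registration and stored here.
        self.mobility_keys = dict(preconfigured_mobility_keys or {})

    def access_authentication(self, nai, credential, home_agent_addr):
        """Returns the MSK for the access network on success, None on failure."""
        stored = self.credentials.get(nai)
        if stored is None or not hmac.compare_digest(stored, credential):
            return None
        session_nonce = secrets.token_bytes(16)
        msk = derive_key(stored, b"MSK", session_nonce)
        # Mobility key created now (not pre-configured), stored under the authenticated NAI.
        self.mobility_keys[nai] = derive_key(stored, b"MN-HA", session_nonce + home_agent_addr.encode())
        return msk

    def key_request(self, subscriber_identity):
        """Key request from a home agent: a key is returned only if one is stored for
        exactly this identity; otherwise the request cannot be assigned."""
        return self.mobility_keys.get(subscriber_identity)


class HomeAgent:
    """HA: on MIP registration, fetches the MIP key from the H-AAA if it does not hold it yet."""

    def __init__(self, aaa):
        self.aaa = aaa
        self.mip_keys = {}

    def registration_request(self, subscriber_identity):
        key = self.mip_keys.get(subscriber_identity)
        if key is None:
            key = self.aaa.key_request(subscriber_identity)
            if key is None:
                return "rejected: no mobility key for identity " + subscriber_identity
            self.mip_keys[subscriber_identity] = key
        return "accepted"


# Constructed sample data.
CREDENTIALS = {"alice@example.net": bytes.fromhex("a1" * 16)}


def demo():
    aaa = HomeAAAServer(CREDENTIALS)
    ha = HomeAgent(aaa)
    out = {}
    # Registration before any access authentication: nothing is stored for the identity yet.
    out["before_auth"] = ha.registration_request("alice@example.net")
    # Access authentication generates the MSK and creates the mobility key.
    msk = aaa.access_authentication("alice@example.net", CREDENTIALS["alice@example.net"], "10.0.0.1")
    out["msk_len"] = len(msk) if msk else None
    out["after_auth"] = ha.registration_request("alice@example.net")
    # Key request with an identity the server cannot match: the case in the paragraph above.
    out["unknown_identity"] = ha.registration_request("pseudonym-1234@example.net")
    out["ha_key_matches"] = ha.mip_keys["alice@example.net"] == aaa.mobility_keys["alice@example.net"]
    return out


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, "->", value)
```

Passing a pre-populated dictionary as preconfigured_mobility_keys models the standard Mobile IP case, where the key already exists before any network registration; leaving it empty models the WiMax case, where only identities that completed access authentication have a key to hand out.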